
Focus on Phishing

Like wasps at a picnic, phishing emails are one of those annoying facts of life. Whilst a lot of dodgy emails will be automatically diverted into your junk folder, some will land in your inbox. In this article, we'll look at how fraudsters try to avoid detection and how you can protect yourself.

Why do some dodgy emails end up in my inbox?

Email inboxes usually have a spam filter set up to divert suspicious messages away from your inbox. However, they aren't fool-proof and sometimes messages will slip past the filters. Just because an email has appeared in your inbox doesn't mean that it's safe to interact with.

For NHSmail accounts, the spam filter is pretty good. However, fraudsters have worked out that they can bypass some security features by hijacking another NHSmail account. This is why you'll sometimes get weird emails that look like they've come from another NHS employee. Their account may have been hacked and they'll have no idea what has been sent from their email address!

What is the point of phishing emails?

Although phishing emails can seem like little more than a nuisance, they have the potential to cause a lot of damage. The email itself is often the first step in carrying out a more sinister attack. The sender may be intending to take over your account, steal confidential information, spread viruses, or trick you into making a payment that isn't necessary.

What about the phishing emails I get at work?

NHS phishing emails often appear to be aimed at hijacking your email address and password. To do this, the email will contain a link which takes you to a phishing website. These sites are designed to look like something you would normally trust - common examples include SharePoint and ESR.

What would they do with my account if they hijacked it?

If they get access to your NHSmail, they can use your hijacked account to target others. They will also look for sensitive data, passwords for other accounts, and any content that they can use in future frauds (such as copies of invoices, names / contact details of people you often email, and names of key systems). If they get into your ESR account, they can change your bank details and steal your identity. They could also use the information they have collected to take out loans and other credit agreements in your name, without your knowledge.

Potential Signs of Phishing

  • The email contains hidden links which you are directed to click.
  • It tries to pressure you into taking action quickly.
  • It has come from someone you don't know (e.g. an NHS employee at another Trust or a GP practice).
  • It contains random logos for NHS services in an attempt to look genuine.
  • It has spelling and grammar issues, or unusual wording.

Keeping your accounts safe

  • Never click on links if you're not sure whether the email is genuine.
  • Be particularly cautious of emails claiming to be from ESR / Payroll and invites to view documents on secure sharing sites.
  • Hover over links to see which website you're going to be taken to. Please look really closely - we have seen examples recently where the sender has set up fake "NHS" websites which can look legitimate at first glance.
  • Check the sender's details closely - look for small changes like extra digits or slightly different suffixes (e.g. @nhst.net).
  • Remember that NHS email addresses can be hijacked - just because the email has come from an @nhs.net account doesn't mean it's genuine.
  • If in doubt, seek advice from your Local Counter Fraud Specialist.
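The two checks above that can be done mechanically - spotting a sender domain that is only a character or two away from @nhs.net, and spotting a link whose visible text names one site while its href goes somewhere else - are shown below as an added example. This is not code from the article or from NHSmail; it assumes nhs.net is the only in-house domain and uses an edit distance of 2 as the lookalike threshold, both of which are assumptions you would tune locally.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"nhs.net"}  # assumption: the only domain treated as in-house
LOOKALIKE_MAX_EDITS = 2        # assumption: tune to taste
DOMAIN_IN_TEXT = re.compile(r"(?:[\w-]+\.)+[a-z]{2,}", re.I)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value between two domains suggests a lookalike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain: str) -> bool:
    return domain not in TRUSTED_DOMAINS and any(
        edit_distance(domain, t) <= LOOKALIKE_MAX_EDITS for t in TRUSTED_DOMAINS)


def sender_verdict(from_header: str) -> str:
    """Classify the domain in a From: header as trusted, lookalike or external."""
    m = re.search(r"@([\w.-]+)", from_header)
    domain = m.group(1).lower() if m else ""
    if domain in TRUSTED_DOMAINS:
        return "trusted"   # the account itself may still be hijacked, as the article notes
    return "lookalike" if is_lookalike(domain) else "external"


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def link_findings(html: str) -> list:
    """Flag hidden links (text names one host, href goes to another) and lookalike hosts."""
    p = _LinkCollector()
    p.feed(html)
    findings = []
    for href, text in p.links:
        target = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_IN_TEXT.search(text)
        if shown and shown.group(0).lower() != target:
            findings.append(f"hidden link: text shows {shown.group(0).lower()} but goes to {target}")
        elif is_lookalike(target):
            findings.append(f"lookalike link domain: {target}")
    return findings
```

Run `sender_verdict` on the From: header and `link_findings` on the HTML body of a suspect message; a "trusted" sender verdict only means the domain matched, not that the account is safe.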

Other useful articles can be found in our Counter Fraud Newsletters on the Publications page.